netstat命令的作用
netstat命令是我们经常会用到的一个命令,通常用来查看各种网络信息,比如网络连接、路由表、接口状态等等,但是它到底如何适用呢?下来我们一起来看:
当我们在命令行下输入netstat之后会显示以下信息
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 32 0 yeling:60780 100.100.27.15:squid CLOSE_WAIT
tcp 0 0 yeling:46694 100.100.30.26:http ESTABLISHED
tcp 0 0 localhost:31000 localhost:32000 ESTABLISHED
tcp 0 0 yeling:ssh 113.201.51.67:37451 ESTABLISHED
tcp 0 0 yeling:59514 100.100.80.4:irdmi ESTABLISHED
tcp 0 0 localhost:32000 localhost:31000 ESTABLISHED
tcp 0 52 yeling:ssh 113.201.51.67:37445 ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 11 [ ] DGRAM 7423 /dev/log
unix 2 [ ] DGRAM 10352 /run/systemd/shutdownd
unix 3 [ ] DGRAM 7402 /run/systemd/notify
unix 2 [ ] DGRAM 7404 /run/systemd/cgroups-agent
unix 5 [ ] DGRAM 7421 /run/systemd/journal/socket
unix 2 [ ] STREAM CONNECTED 24345
unix 3 [ ] STREAM CONNECTED 12432 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 12370
unix 3 [ ] STREAM CONNECTED 14637 /run/systemd/journal/stdout
从上图可以看出,netstat命令的执行结果工分为两部分
第一部分是Active Internet connections,称为有源TCP链接,其中Recv-Q和Send-Q分别为接受队列和发送队列。
第二部分是Active UNIX domain socket,称为有源Unix域套接字,只用于本机通信,但通信效率要高的多。
netstat常见选项
netstat命令有以下几个常见的选项:
- -a(all) : 显示所有选项,默认不显示LISTEN相关的
- -t(tcp) : 显示TCP相关选项
- -u(udp) : 显示UDP相关选项
- -n : 拒绝显示别名
- -l : 列出处于LISTEN的程
- -p : 显示程序名
- -r : 显示路由信息
- -c : 每隔固定时间执行一次netstat命令
使用实例:
- 列出所有的链接 netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:http 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:https 0.0.0.0:* LISTEN
tcp 0 0 localhost:15772 0.0.0.0:* LISTEN
tcp 0 0 localhost:32000 0.0.0.0:* LISTEN
tcp 0 0 yeling:46694 100.100.30.26:http ESTABLISHED
tcp 0 0 localhost:31000 localhost:32000 ESTABLISHED
tcp 0 36 yeling:ssh 113.201.51.67:37451 ESTABLISHED
tcp 0 0 yeling:59514 100.100.80.4:irdmi ESTABLISHED
tcp 0 0 localhost:32000 localhost:31000 ESTABLISHED
tcp 0 68 yeling:ssh 113.201.51.67:37445 ESTABLISHED
tcp6 0 0 [::]:mysql [::]:* LISTEN
udp 0 0 0.0.0.0:bootpc 0.0.0.0:*
udp 0 0 yeling:ntp 0.0.0.0:*
udp 0 0 localhost:ntp 0.0.0.0:*
udp 0 0 0.0.0.0:ntp 0.0.0.0:*
udp6 0 0 [::]:ntp [::]:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 11 [ ] DGRAM 7423 /dev/log
unix 2 [ ACC ] STREAM LISTENING 15508 /tmp/Aegis-<Guid(5A2C30A2-A87D-490A-9281-6765EDAD7CBA)>
unix 2 [ ACC ] STREAM LISTENING 15110 /home/staragent/data/ppf.sock
unix 2 [ ACC ] SEQPACKET LISTENING 10512 /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 15183 /home/staragent/data/core.sock
unix 2 [ ACC ] STREAM LISTENING 19867 /tmp/mysql.sock
unix 2 [ ACC ] STREAM LISTENING 20829 /home/www/logs/php-fpm.sock
unix 2 [ ACC ] STREAM LISTENING 11869 /run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 10336 /run/systemd/private
unix 2 [ ] DGRAM 10352 /run/systemd/shutdownd
unix 2 [ ACC ] STREAM LISTENING 15509 /usr/local/aegis/Aegis-<Guid(5A2C30A2-A87D-490A-9281-6765EDAD7CBA)>
unix 3 [ ] DGRAM 7402 /run/systemd/notify
unix 2 [ ] DGRAM 7404 /run/systemd/cgroups-agent
unix 2 [ ACC ] STREAM LISTENING 7418 /run/systemd/journal/stdout
unix 5 [ ] DGRAM 7421 /run/systemd/journal/socket
unix 2 [ ] STREAM CONNECTED 24345
unix 3 [ ] STREAM CONNECTED 12432 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 12370
unix 3 [ ] STREAM CONNECTED 14637 /run/systemd/journal/stdout
- 列出所有的TCP链接 netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:http 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:https 0.0.0.0:* LISTEN
tcp 0 0 localhost:15772 0.0.0.0:* LISTEN
tcp 0 0 localhost:32000 0.0.0.0:* LISTEN
tcp 0 0 yeling:46694 100.100.30.26:http ESTABLISHED
tcp 0 0 localhost:31000 localhost:32000 ESTABLISHED
tcp 0 0 yeling:32858 100.100.27.15:squid ESTABLISHED
tcp 0 0 yeling:ssh 113.201.51.67:37451 ESTABLISHED
tcp 0 0 yeling:59514 100.100.80.4:irdmi ESTABLISHED
tcp 0 0 localhost:32000 localhost:31000 ESTABLISHED
tcp 0 576 yeling:ssh 113.201.51.67:37445 ESTABLISHED
tcp6 0 0 [::]:mysql [::]:* LISTEN
- 列出所有的UDP链接 netstat -au
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 0.0.0.0:bootpc 0.0.0.0:*
udp 0 0 yeling:ntp 0.0.0.0:*
udp 0 0 localhost:ntp 0.0.0.0:*
udp 0 0 0.0.0.0:ntp 0.0.0.0:*
udp6 0 0 [::]:ntp [::]:*
- 列出所有的UDP链接,不使用别名 netstat -anu
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp 0 0 172.16.18.147:123 0.0.0.0:*
udp 0 0 127.0.0.1:123 0.0.0.0:*
udp 0 0 0.0.0.0:123 0.0.0.0:*
udp6 0 0 :::123 :::*
- 列出所有处于LISTEN状态的TCP端口 netstat -lt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:http 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:https 0.0.0.0:* LISTEN
tcp 0 0 localhost:15772 0.0.0.0:* LISTEN
tcp 0 0 localhost:32000 0.0.0.0:* LISTEN
tcp6 0 0 [::]:mysql [::]:* LISTEN
看了这么多,netstat命令的基本用法也差不多学会了吧,剩下的就是勤加练习,在使用socket编程时,这个命令也可以帮助你排除错误,是非常有用的一个命令呢
